//
// Authorization.cpp
// libprotea
// Tools Library for the Protea Project / Functionality for user credentials and authorization
// Copyright (C) 2003, 2004, 2005 eXegeSys, Inc.
// Copyright (C) 2008 Bruce A. James
//
// This program is part of the Protea Project.
//
// The Protea Project is free software; you can redistribute it and/or modify it 
// under the terms of the GNU General Public License as published by the 
// Free Software Foundation, either version 3 of the License, or (at your 
// option) any later version.
//
// The Protea Project is distributed in the hope that it will be useful, but 
// WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY 
// or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 
// for more details.
// 
// You should have received a copy of the GNU General Public License along 
// with this program.  If not, see <http://www.gnu.org/licenses/>.
// 
// Please send correspondence to:
// 
// theproteaproject@gmail.com
//

#include "../defines.h"
#include "AppInterface.h"
#include "security.h"
#include "Transactions.h"

#include "../defns.h"
using namespace ProteaApp1;

XCCredentials::XCCredentials( const char* username, const XCAuthenticate* security ) {
	INFUNC( XCCredentials::XCCredentials, NULL );
	myowner = security;
	if (username)
		user = security->users.Find( username );
	else
		user = 0;
	OUTFUNC();
};

XCCredentials::~XCCredentials() {
//	printf( "Cleanup credentials\n" );
};

int XCCredentials::GetUserIndex() {
	if (user)
		return user->index;
	else
		return 0;
};



const char* XCCredentials::GetUserPassword() {
	return user->password;
};


const char* XCCredentials::GetUserName() {
	return user->name;
};


XCSecurityApplication* XCCredentials::AuthorizeApplication( int number ) {
	INFUNC( XCCredentials::AuthorizeApplication, NULL );

	// Determine if this user has access rights to this application
	XCSecurityApplication* app = myowner->apps.GetApplication( number );
	if (app) {
		int result = app->Evaluate( myowner, GetUserIndex() );
		if (result >= 0)
			RETURNFUNC( app );
	};

	// If we made it here, then return a failure message
	RAISETOOLSERROR( ERR_AUTHORIZATION_FAILURE );

	OUTFUNCRET( NULL );
};

void XCCredentials::AuthorizeTransaction( XCTransactionInfo* trans ) {
	INFUNC( XCCredentials::AuthorizeTransaction, NULL );

	// Always authorize application first
	XCSecurityApplication* app = AuthorizeApplication( trans->GetApplNumber() );
	int result = app->trans.EvaluateItems( myowner, GetUserIndex(), trans->GetTransNumber() );
	if (result < 0)
		RAISETOOLSERROR( ERR_AUTHORIZATION_FAILURE );

	OUTFUNC();
};

void XCCredentials::AuthorizeCapability( long app_number, long cap_number ) {
	INFUNC( XCCredentials::AuthorizeCapability, NULL );

	XCSecurityApplication* app = AuthorizeApplication( app_number );
	int result = app->caps.EvaluateItems( myowner, GetUserIndex(), cap_number );
	if (result < 0)
		RAISETOOLSERROR( ERR_AUTHORIZATION_FAILURE );

	OUTFUNC();
};
